﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.Sql;
using System.Data.SqlClient;

namespace NSX07
{
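    /// <summary>
    /// Code-behind for the customer registration page. Reads the form fields,
    /// rejects a username that is already present in the Customer table,
    /// checks that both password fields match, inserts the new customer row
    /// and then marks the session as authenticated.
    /// </summary>
    public partial class register : System.Web.UI.Page
    {
        /// <summary>Page load handler; it has no work to do.</summary>
        protected void Page_Load(object sender, EventArgs e)
        {
        }

        /// <summary>
        /// Handles the Register button: validates the submitted username and
        /// password confirmation, creates the Customer row and redirects to
        /// the success page.
        /// </summary>
        /// <param name="sender">The control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void btnRegister_Click(object sender, EventArgs e)
        {
            string username = txtUsername.Text;
            string password = txtPassword.Text;
            string passwordConfirm = txtPasswordConfirm.Text;
            string name = txtName.Text;
            string address = txtAddress.Text;
            string city = txtCity.Text;
            string phone = txtPhone.Text;
            string homepage = txtHomepage.Text;

            // NOTE(review): no server-side check for empty or over-long fields is
            // visible in this handler; confirm that validators exist in the markup.

            string connectionString =
                System.Web.Configuration.WebConfigurationManager.ConnectionStrings["ConnectionString"].ConnectionString;

            // Every ADO.NET object is wrapped in "using" so the connection goes back
            // to the pool on all paths, including the early returns below.
            using (SqlConnection cn = new SqlConnection(connectionString))
            {
                cn.Open();

                // Existence check only: SELECT 1 avoids pulling the stored row
                // (including its password column) back to the web tier.
                bool usernameTaken;
                using (SqlCommand cmd = new SqlCommand("SELECT 1 FROM Customer WHERE username = @username", cn))
                {
                    cmd.Parameters.Add("@username", SqlDbType.VarChar).Value = username;
                    usernameTaken = cmd.ExecuteScalar() != null;
                }

                if (usernameTaken)
                {
                    lblusername.Text = "username exist!";
                    // Clear a message left over from an earlier postback.
                    lblpwc.Text = "";
                    return;
                }

                if (password != passwordConfirm)
                {
                    lblpwc.Text = "The passwords did not match";
                    lblusername.Text = "";
                    return;
                }

                // NOTE(review): the password is stored exactly as typed. It should be
                // stored as a salted, slow hash (for example PBKDF2 through
                // Rfc2898DeriveBytes). That change has to be made together with the
                // login check, which is not visible here, so it is flagged, not changed.
                //
                // NOTE(review): homepage is stored as submitted. Any page that renders
                // it should encode it and accept only http/https URLs.
                using (SqlCommand cmdinsert = new SqlCommand("INSERT INTO Customer(username, password, name, address, city, phone, ip, usernameAccess, passwordAccess, urlAccess, homepage, role, state) Values(@username, @password, @name, @address, @city, @phone,  '', '', '', '', @homepage, 'customer', 0)", cn))
                {
                    cmdinsert.Parameters.Add("@username", SqlDbType.VarChar).Value = username;
                    cmdinsert.Parameters.Add("@password", SqlDbType.VarChar).Value = password;
                    cmdinsert.Parameters.Add("@name", SqlDbType.VarChar).Value = name;
                    cmdinsert.Parameters.Add("@address", SqlDbType.VarChar).Value = address;
                    cmdinsert.Parameters.Add("@city", SqlDbType.VarChar).Value = city;
                    cmdinsert.Parameters.Add("@homepage", SqlDbType.VarChar).Value = homepage;
                    cmdinsert.Parameters.Add("@phone", SqlDbType.VarChar).Value = phone;

                    try
                    {
                        cmdinsert.ExecuteNonQuery();
                    }
                    catch (SqlException ex)
                    {
                        // The check above and this insert are not atomic, so two
                        // concurrent requests can both pass the check. If the table
                        // has a unique key on username (not visible here), SQL Server
                        // reports the loser as error 2627 or 2601; treat that as
                        // "name taken" instead of an unhandled error page.
                        if (ex.Number != 2627 && ex.Number != 2601)
                        {
                            throw;
                        }

                        lblusername.Text = "username exist!";
                        lblpwc.Text = "";
                        return;
                    }
                }
            }

            // NOTE(review): the session is marked authenticated without issuing a new
            // session identifier; consider rotating the session ID here so an
            // identifier known before registration is not carried into the
            // authenticated state.
            Session["Authenticate"] = "Yes";
            Session["User"] = username;
            Session["Role"] = "customer";

            // Redirect after the connection has been disposed: Response.Redirect
            // ends the request by aborting the current thread.
            Response.Redirect("~/registersuccessful.aspx");
        }
    }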
}
